[Git][security-tracker-team/security-tracker][master] Process NFUs

Mon Dec 29 20:24:25 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
42de27b9 by Salvatore Bonaccorso at 2025-12-29T21:23:57+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
 CVE-2025-69211 (Nest is a framework for building scalable Node.js server-side applicat ...)
-	TODO: check
+	NOT-FOR-US: Nest
 CVE-2025-69206 (Hemmelig is a messing app with with client-side encryption and self-de ...)
-	TODO: check
+	NOT-FOR-US: Hemmelig
 CVE-2025-69202 (Axios Cache Interceptor is a cache interceptor for axios. Prior to ver ...)
-	TODO: check
+	NOT-FOR-US: Axios Cache Interceptor
 CVE-2025-69201 (Tugtainer is a self-hosted app for automating updates of docker contai ...)
-	TODO: check
+	NOT-FOR-US: Tugtainer
 CVE-2025-69200 (phpMyFAQ is an open source FAQ web application. In versions prior to 4 ...)
-	TODO: check
+	NOT-FOR-US: phpMyFAQ
 CVE-2025-68951 (phpMyFAQ is an open source FAQ web application. Versions 4.0.14 and 4. ...)
-	TODO: check
+	NOT-FOR-US: phpMyFAQ
 CVE-2025-68929 (Frappe is a full-stack web application framework. Prior to versions 14 ...)
-	TODO: check
+	NOT-FOR-US: Frappe
 CVE-2025-68928 (Frappe CRM is an open-source customer relationship management tool. Pr ...)
-	TODO: check
+	NOT-FOR-US: Frappe CRM
 CVE-2025-68897 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-68893 (Server-Side Request Forgery (SSRF) vulnerability in HETWORKS WordPress ...)
@@ -33,13 +33,13 @@ CVE-2025-68868 (Improper Neutralization of Input During Web Page Generation ('Cr
 CVE-2025-68861 (Missing Authorization vulnerability in Plugin Optimizer allows Exploit ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-68706 (A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon o ...)
-	TODO: check
+	NOT-FOR-US: KuWFi
 CVE-2025-68431 (libheif is an HEIF and AVIF file format decoder and encoder. Prior to  ...)
 	TODO: check
 CVE-2025-67255 (In NagiosXI 2026R1.0.1 build 1762361101, Dashboard parameters lack pro ...)
-	TODO: check
+	NOT-FOR-US: Nagios XI
 CVE-2025-67254 (NagiosXI 2026R1.0.1 build 1762361101 is vulnerable to Directory Traver ...)
-	TODO: check
+	NOT-FOR-US: Nagios XI
 CVE-2025-66877 (Buffer overflow vulnerability in function dcputchar in decompile.c in  ...)
 	TODO: check
 CVE-2025-66869 (Buffer overflow vulnerability in function strcat in asan_interceptors. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42de27b97f99fd9585c18283954d7a2493d880dd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42de27b97f99fd9585c18283954d7a2493d880dd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251229/8a19a9ce/attachment.htm>
